Administrator Guide
17
FCoE Transit
The Fibre Channel over Ethernet (FCoE) Transit feature is supported on the MXL 10/40GbE switch. When you enable the switch for
FCoE transit, the switch functions as a FIP snooping bridge.
NOTE: FCoE transit is not supported on Fibre Channel interfaces.
Fibre Channel over Ethernet
FCoE provides a converged Ethernet network that allows the combination of storage-area network (SAN) and LAN trac on a
Layer 2 link by encapsulating Fibre Channel data into Ethernet frames.
FCoE works with the Ethernet enhancements provided in data center bridging (DCB) to support lossless (no-drop) SAN and LAN
trac. In addition, DCB provides exible bandwidth sharing for dierent trac types, such as LAN and SAN, according to 802.1p
priority classes of service. For more information, refer to the Data Center Bridging (DCB) chapter.
Ensure Robustness in a Converged Ethernet Network
Fibre Channel networks used for SAN trac employ switches that operate as trusted devices. To communicate with other end
devices attached to the Fibre Channel network, end devices log into the switch to which they are attached.
Because Fibre Channel links are point-to-point, a Fibre Channel switch controls all storage trac that an end device sends and
receives over the network. As a result, the switch can enforce zoning congurations, ensure that end devices use their assigned
addresses, and secure the network from unauthorized access and denial-of-service (DoS) attacks.
To ensure similar Fibre Channel robustness and security with FCoE in an Ethernet cloud network, FIP establishes virtual point-to-
point links between FCoE end-devices (server ENodes and target storage devices) and FCoE forwarders (FCFs) over transit FCoE-
enabled bridges.
Ethernet bridges commonly provide ACLs that can emulate a point-to-point link by providing the trac enforcement required to
create a Fibre Channel-level of robustness. You can congure ACLs to emulate point-to-point links, providing control over the trac
received or transmitted into the switch. To automatically generate ACLs, use FIP snooping. In addition, FIP serves as a Layer 2
protocol to:
• Operate between FCoE end-devices and FCFs over intermediate Ethernet bridges to prevent unauthorized access to the
network and achieve the required security.
• Allow transit Ethernet bridges to eciently monitor FIP frames passing between FCoE end-devices and an FCF. To dynamically
congure ACLs on the bridge to only permit trac authorized by the FCF, use the FIP snooping data.
FIP enables FCoE devices to discover one another, initialize and maintain virtual links over an Ethernet network, and access storage
devices in a storage area network (SAN). FIP satises the Fibre Channel requirement for point-to-point connections by creating a
unique virtual link for each connection between an FCoE end-device and an FCF via a transit switch.
FIP provides functionality for discovering and logging into an FCF. After discovering and logging in, FIP allows FCoE trac to be sent
and received between FCoE end-devices (ENodes) and the FCF. FIP uses its own EtherType and frame format. The following
illustration shows the communication that occurs between an ENode server and an FCoE switch (FCF).
The following table lists the FIP functions.
302
FCoE Transit